Linux Kernel Use-After-Free Vulnerability in ASoC SOF Intel HDA Component

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's ASoC SOF Intel HDA component. It occurs when the module is unloaded and then loaded again, and results in a read of freed memory. The cause is improper handling of a string that is allocated with 'devm_kasprintf()' and stored in a global variable: unloading the module frees the memory, but the global variable still points to it. Reloading the module then reads through that stale pointer, which can be exploited to read the freed memory, potentially leading to arbitrary memory access or other memory corruption issues.

Impact

Exploitation of this vulnerability causes a use-after-free condition, where the system attempts to read memory that has already been freed. This can lead to memory corruption, allowing for arbitrary memory access, which could be exploited to execute arbitrary code or cause other unintended behavior in the system.

Reproduction

The vulnerability can be reproduced by loading the ASoC SOF Intel HDA module, which allocates a string with 'devm_kasprintf()' and stores it in a global variable. Unloading the module frees the allocated memory, but the global variable still references it. Reloading the module then triggers the vulnerability: the system attempts to read the freed memory, producing a use-after-free read error.
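
The load, unload, reload sequence above can be modelled in user space. This is an added example, not the kernel driver's code or the upstream patch. The names 'devm_name', 'g_name', 'probe_flawed' and 'probe_fixed' are hypothetical, and the "reuse the global if it is already set" logic is an assumption about how the stale pointer gets read. Released memory is overwritten with a poison byte rather than freed, so the stale read is visible without undefined behaviour.

```c
#include <stdio.h>
#include <string.h>
#define POISON 0x6b /* byte this model writes over released memory */
struct device { char mem[32]; };  /* stand-in for devres storage */
static const char *g_name;        /* global that outlives bind/unbind */

/* Models devm_kasprintf(dev, ...): the string's lifetime is tied to dev. */
static const char *devm_name(struct device *dev, int id)
{
    snprintf(dev->mem, sizeof(dev->mem), "card-%d", id);
    return dev->mem;
}

/* Models devres release on unload; the freed bytes are overwritten. */
static void dev_unbind(struct device *dev)
{
    memset(dev->mem, POISON, sizeof(dev->mem) - 1);
    dev->mem[sizeof(dev->mem) - 1] = '\0';
}

/* Flawed probe: keeps the managed pointer in the global and reuses it. */
static const char *probe_flawed(struct device *dev, int id)
{
    if (!g_name)
        g_name = devm_name(dev, id);
    return g_name; /* stale once the owning device has been unbound */
}

/* Corrected probe: no global; the string is rebuilt on every bind. */
static const char *probe_fixed(struct device *dev, int id)
{
    return devm_name(dev, id);
}

/* Load, unload, reload: returns 1 if the reload read a valid name. */
static int reload_ok(const char *(*probe)(struct device *, int))
{
    static struct device dev;
    g_name = NULL;
    probe(&dev, 1);
    dev_unbind(&dev);
    return strcmp(probe(&dev, 1), "card-1") == 0;
}

int main(void)
{
    printf("flawed=%d fixed=%d\n", reload_ok(probe_flawed), reload_ok(probe_fixed));
    return 0;
}
```

On a test kernel built with KASAN, the same lifetime mismatch appears as a use-after-free read report when the module is loaded a second time.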

Added: Jun 18, 2025, 11:07 AM
Updated: Jun 18, 2025, 11:07 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 0.0
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.